6.8

CVE-2006-6928

Exploit
Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) listmain.asp or (b) searchmain.asp, the (2) the Keyword parameter to (c) searchkey.asp, or the (3) refno parameter to (d) forminfo.asp.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GrandoraRialto Version1.6
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.06% 0.789
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/23049
Vendor Advisory
http://securityreason.com/securityalert/2143
http://www.securityfocus.com/archive/1/452112/100/0/threaded
http://www.securityfocus.com/bid/21191
Vendor Advisory
Exploit
http://www.vupen.com/english/advisories/2006/4630
https://exchange.xforce.ibmcloud.com/vulnerabilities/30425